At SciNet, we rely on different controls to ensure the protection of our researchers’ data and SciNet systems. These controls are divided into three main categories: physical, technical and administrative controls.
A subset of these controls is listed below.

Physical controls

• Access to our facilities is restricted and reviewed on a regular basis
• Secured areas are monitored
• 24/7 fire & security service is provided by a third party
• Chiller and cooling tower maintain the ideal temperature and humidity in the datacenter
• UPS and generator ensure uninterrupted power source

Technical controls

• Network firewalls and intrusion prevention systems monitor suspicious activities
• Patching of systems is prioritized based on a risk approach
• Two-factor authentication is enforced for privileged users
• Two-factor authentication is offered as optional to researchers
• Backups of systems and researchers’ data are stored securely, in different locations and tested regularly
• Encryption of data in-transit with approved algorithms is enforced to access our systems remotely

Administrative controls

• Security awareness sessions are organized regularly with our staff members
• Incident response plan is tested at least once a year

Please also note that SciNet complies with the University of Toronto standards and Compute Canada policies:
https://isea.utoronto.ca/information-security-standard/
https://www.alliancecan.ca/en/policies

Do you need more details? Feel free to reach out to us!